Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
Enterprise LTS: Consul Enterprise 1.15 is a Long-Term Support (LTS) release.
SECURITY:
google.golang.org/protobuf
to v1.33.0 to address CVE-2024-24786. [GH-20801]IMPROVEMENTS:
BUG FIXES:
SECURITY:
google.golang.org/protobuf
to v1.33.0 to address CVE-2024-24786. [GH-20801]alpine3.19
. This resolves CVEs
CVE-2023-52425
CVE-2023-52426 [GH-20812]1.21.8
. This resolves CVEs
CVE-2024-24783 (crypto/x509
).
CVE-2023-45290 (net/http
).
CVE-2023-45289 (net/http
, net/http/cookiejar
).
CVE-2024-24785 (html/template
).
CVE-2024-24784 (net/mail
). [GH-20812]IMPROVEMENTS:
backup_destinations
config file object.BUG FIXES:
SECURITY:
google.golang.org/protobuf
to v1.33.0 to address CVE-2024-24786. [GH-20801]alpine3.19
. This resolves CVEs
CVE-2023-52425
CVE-2023-52426 [GH-20812]1.21.8
. This resolves CVEs
CVE-2024-24783 (crypto/x509
).
CVE-2023-45290 (net/http
).
CVE-2023-45289 (net/http
, net/http/cookiejar
).
CVE-2024-24785 (html/template
).
CVE-2024-24784 (net/mail
). [GH-20812]IMPROVEMENTS:
backup_destinations
config file object.BUG FIXES:
Enterprise LTS: Consul Enterprise 1.18 is a Long-Term Support (LTS) release.
BREAKING CHANGES:
SECURITY:
google.golang.org/protobuf
to v1.33.0 to address CVE-2024-24786. [GH-20801]alpine3.19
. This resolves CVEs
CVE-2023-52425
CVE-2023-52426 [GH-20812]1.21.8
. This resolves CVEs
CVE-2024-24783 (crypto/x509
).
CVE-2023-45290 (net/http
).
CVE-2023-45289 (net/http
, net/http/cookiejar
).
CVE-2024-24785 (html/template
).
CVE-2024-24784 (net/mail
). [GH-20812]IMPROVEMENTS:
backup_destinations
config file object.BUG FIXES:
BREAKING CHANGES:
telemetry.disable_hostname
when determining whether to prefix gauge-type metrics with the hostname of the Consul agent. Previously, if only the default metric sink was enabled, this configuration was ignored and always treated as true
, even though its default value is false
. [GH-20312]SECURITY:
golang.org/x/crypto
to v0.17.0 to address CVE-2023-48795. [GH-20023]FEATURES:
v2dns
in the experiments
agent config to enable.
It will automatically be enabled when using the resource-apis
(Catalog v2) experiment.
The new DNS implementation will be the default in Consul 1.19.
See the Consul 1.18.x Release Notes for deprecated DNS features. [GH-20643]IMPROVEMENTS:
envoy.config.core.v3.HeaderValueOption.append
. [GH-20078]envoy.config.route.v3.HeaderMatcher.safe_regex_match
and envoy.type.matcher.v3.RegexMatcher.google_re2
. [GH-20013]BUG FIXES:
SECURITY:
IMPROVEMENTS:
Internal.ServiceDump
when mesh gateway is not used. [GH-20168]Internal.ServiceDump
watch from proxycfg [GH-20168]BUG FIXES:
http
protocol fails with a protocol-mismatch error. [GH-20481]SECURITY:
IMPROVEMENTS:
Internal.ServiceDump
when mesh gateway is not used. [GH-20168]Internal.ServiceDump
watch from proxycfg [GH-20168]BUG FIXES:
http
protocol fails with a protocol-mismatch error. [GH-20481]SECURITY:
FEATURES:
exported-services
to list all services exported and their consumers. Refer to the CLI docs for more information. [GH-20331]IMPROVEMENTS:
Internal.ServiceDump
when mesh gateway is not used. [GH-20168]Internal.ServiceDump
watch from proxycfg [GH-20168]CaseInsensitive
flag to service-routers that allows paths and path prefixes to ignore URL upper and lower casing. [GH-19647]BUG FIXES:
http
protocol fails with a protocol-mismatch error. [GH-20481]BREAKING CHANGES:
telemetry.disable_hostname
when determining whether to prefix gauge-type metrics with the hostname of the Consul agent. Previously, if only the default metric sink was enabled, this configuration was ignored and always treated as true
, even though its default value is false
. [GH-20312]SECURITY:
golang.org/x/crypto
to v0.17.0 to address CVE-2023-48795. [GH-20023]FEATURES:
IMPROVEMENTS:
Internal.ServiceDump
when mesh gateway is not used. [GH-20168]Internal.ServiceDump
watch from proxycfg [GH-20168]CaseInsensitive
flag to service-routers that allows paths and path prefixes to ignore URL upper and lower casing. [GH-19647]envoy.config.core.v3.HeaderValueOption.append
. [GH-20078]envoy.config.route.v3.HeaderMatcher.safe_regex_match
and envoy.type.matcher.v3.RegexMatcher.google_re2
. [GH-20013]BUG FIXES:
KNOWN ISSUES:
SECURITY:
ubi9-minimal:9.3
as the base image. [GH-20014]IMPROVEMENTS:
match_subject_alt_names
in favor of match_typed_subject_alt_names
. [GH-19954]envoy.config.router.v3.WeightedCluster.total_weight
. [GH-20011]envoy.config.cluster.v3.Cluster.http_protocol_options
[GH-20010]envoy.config.cluster.v3.Cluster.http2_protocol_options
, envoy.config.bootstrap.v3.Admin.access_log_path
[GH-19940]envoy.extensions.filters.http.lua.v3.Lua.inline_code
[GH-20012]BUG FIXES: